What is suggested way of implementing security in a nodal API?
vonwao opened this issue · 0 comments
vonwao commented
It seems that every app will need some kind of authorization system, whether it's based on Roles, or something else. Some ways it's implemented in other frameworks:
- sailsjs: Policies
- firebase: .read/.write
- meteor: allow/deny (and roles via third-party packages).
NOTE: I found an Authorizer object in documentation with #definePermission #permissible #permission functions. But I cannot find any examples of how this object or these methods are supposed to be used.